{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:d6ffff1e-ff27-5fff-875d-dd79b27b609d", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4", "type": "library", "group": "org.apache.cxf.systests", "name": "cxf-systests-tracing", "version": "3.5.9-tuxcare.4", "purl": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:fa1858b6-07b2-5304-8326-e464be5eb717", "id": "CVE-2005-4838", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2005-4838 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e0267bae-637b-5c7e-80ca-a8d95e35bab4", "id": "CVE-2006-7196", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2006-7196 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:dbf36742-9fe3-53f4-8729-b93973e89efe", "id": "CVE-2007-1358", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-1358 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:8b395e41-eeef-5d49-bac2-9b0f478c1ab7", "id": "CVE-2007-2449", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2007-2449 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:311916b5-4894-5a32-9a9d-308e4cfe1333", "id": "CVE-2008-0128", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2008-0128 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07963bcc-f014-5873-a3ca-f4b8c9de4ce6", "id": "CVE-2009-2696", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2009-2696 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:b4bba21b-02aa-515a-95f5-a647c0835f8c", "id": "CVE-2010-1151", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2010-1151 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e8f18015-124c-5224-a546-f8a2a255241d", "id": "CVE-2013-2185", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-2185 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:17926d6a-6917-5fd2-9f31-711747dc5721", "id": "CVE-2013-4286", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4286 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:614a4b8f-60c2-51d7-b3c6-aa509f253b10", "id": "CVE-2013-4322", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4322 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:1ad2d7a2-7e0d-5757-b009-02f03c30e42b", "id": "CVE-2013-4444", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4444 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3ba9855e-14f3-5736-8a3f-bd9ed4c41687", "id": "CVE-2013-4590", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-4590 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:906b1568-a904-5b39-a3c9-6b6a0fb78306", "id": "CVE-2013-6357", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2013-6357 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:6372b813-9b31-5bcc-b759-31905c4bd925", "id": "CVE-2014-0075", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0075 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:5231bf6c-4262-5bff-977f-a443ecbf9dac", "id": "CVE-2014-0096", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0096 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:3fed6224-4a01-5fb0-82f9-ab7940174fdf", "id": "CVE-2014-0099", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0099 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:93b54178-5a61-5a6f-a92f-1525d771a457", "id": "CVE-2014-0119", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2014-0119 is a false positive for org.apache.cxf.systests:cxf-systests-tracing 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:e6493013-0991-5044-b134-a79fde17afc4", "id": "CVE-2014-0219", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2014-0219 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7b0e1baa-f536-51a2-89bd-6fcff9aa8076", "id": "CVE-2016-8735", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8735 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:4aec2d28-2d72-5bd0-8df8-56c7878db4eb", "id": "CVE-2016-8750", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2016-8750 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:07a22786-75f7-5e4f-9b60-35530ae29497", "id": "CVE-2018-11786", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11786 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a507de70-d0b5-5161-baaf-6a618d9d5b80", "id": "CVE-2018-11788", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2018-11788 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:998220d0-c246-5f51-a4f4-c0eb9f779e48", "id": "CVE-2019-0191", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0191 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:92fc9c02-9f6b-5190-90a5-e794c756ef29", "id": "CVE-2019-0226", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2019-0226 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:a1f04130-c745-5b18-81ae-3f3b3dc82c29", "id": "CVE-2020-11980", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-11980 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:42e2ee83-ba07-50cb-8f11-0c452d8cfd9a", "id": "CVE-2020-8022", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2020-8022 is a false positive for org.apache.cxf.systests:cxf-systests-tracing 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:aad219a0-f96d-5ca3-9a91-530ed9a8f8af", "id": "CVE-2021-41766", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-41766 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:70f28a58-6bad-59dc-89b3-39b1bc7bfb45", "id": "CVE-2022-22932", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-22932 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:7fdf681f-ab13-5c76-939d-fa709cc8a0f6", "id": "CVE-2022-40145", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2022-40145 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:de545c7a-98b3-5c76-9ba3-0ecff76aa1f3", "id": "CVE-2025-15104", "analysis": { "state": "false_positive", "detail": "Vulnerability CVE-2025-15104 is a false positive for org.apache.cxf.systests:cxf-systests-tracing 3.5.9-tuxcare.4." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:21379af0-ef7d-5831-907b-81c2606f58f7", "id": "CVE-2025-23184", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-23184 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:bd2f510f-457e-5f81-ba06-dd1b0bbfbb32", "id": "CVE-2025-24813", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-24813 affects version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:253421b4-5435-558b-bd70-9c57fd4614e4", "id": "CVE-2025-48795", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48795 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }, { "bom-ref": "urn:uuid:f0430ce0-71e5-528f-a28a-2771b4b37454", "id": "CVE-2025-48913", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2025-48913 is fixed in version 3.5.9-tuxcare.4 of org.apache.cxf.systests:cxf-systests-tracing." }, "affects": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.apache.cxf.systests/cxf-systests-tracing@3.5.9-tuxcare.4" } ] }